TPRM Fundamentals - An Intern's Perspective

by Alessandra Marciano | August 4, 2021 | Risk Professionals

A college student majoring in Economics and Data Science, I love analytical thinking and learning. As part of my internship with Shared Assessments this summer, I leapt at the opportunity to take the Third Party Risk Fundamentals Certificate course.    With no experience in TPRM, I hoped ....

Types of Third Party Risk

Types of Third Party Risk and Lessons Learned: Beyond Textbook Definitions

by Linnea Solem | August 2, 2021 | Third Party Risk Management

I’ve worked in Third Party Risk for over twenty years. Over the years I learned first-hand the intersection of types of third party risk and business risk based on the business model and type of product or service that is outsourced. My experience as a technology service provider to regulated fina ....

Ransomware Risk

Collected Thoughts: Ransomware Risk

by Charlie Miller | July 30, 2021 | Cyber Risk, Cybersecurity, Data & Cybersecurity, Data Breach

This month, several Shared Assessments Industry Strategy and Working Groups came together in a cross vertical meeting, Ransomware: It Takes An Organization, to address ransomware threats.   Sophisticated ransomware attacks are being used with adjusted methods to strike supply chains and m ....

Regulations TPRM

Flavors of Regulations Impacting TPRM

by Jeremy Byellin | July 30, 2021 | Public Policy

July is coming to an end, and with it goes National Ice Cream Month.  Take a moment to savor the flavor of the season. Cookies-and-cream? Mint-chocolate chip? Or...Neopolitan? There are a variety of flavors of risk to consider in third party partnerships, too, and not least among them is complia ....

digital supply chain

Protecting Your Digital Supply Chain - Three Tips

by Nasser Fattah | July 21, 2021 | Cybersecurity

In his 2001 book From Analogue to Digital Supply Chains Tony Hines coined the term “digital supply chain” to explain the electronic distribution of goods or services that had previously been supplied in physical form.  The digital delivery of media including movies (Netflix), books (Kindles), a ....

ransomware TPRM

Ransomware and TPRM: Steps You Can Take Now

by Sabine Zimmer | July 13, 2021 | Cyberattacks, Cybersecurity, Data & Cybersecurity

Ransomware attacks are dominating headlines. Solar Winds, JBS, Colonial Pipeline, and Kaseya VSA are household names not because of the products or services these organizations offer, but because of notorious cyberattacks against these organizations. Publicity aside, the $20 billion sum the world sp ....

kaseya 2

Observing The Kaseya VSA Attack

by Tom Garrubba | July 8, 2021 | Cyberattacks, Data & Cybersecurity

Just before the Fourth of July weekend, Kaseya, an IT solutions developer for managed service providers (MSPs) and enterprise clients, fell prey to a cyberattack waged by REvil, a Russia-based private ransomware-as-​a-service (RaaS) provider. CBS has called this the single biggest global ransomwar ....


New to the Shared Assessments Team

by Sabine Zimmer | July 8, 2021 | Shared Assessments

Shared Assessments is growing and we are excited to welcome new compliments to our team.  We have different backgrounds but share a purpose in our work as we strive to build a trusted risk community through the power of many. We share purpose in our personal lives as well – you will notice a comm ....


Strategies for Building Resilience

by John Bree, Bob Jones, Kaelyn Lewis, Gary Roboff | July 1, 2021 | Business Continuity, Business Resiliency

Resilience is a watchword for every risk management team and every governing board. Resilience represents the ability of entities to avoid, prevent, adapt, respond to, recover from, and learn from operational disruptions.[i] While ensuring business continuity is a key aspect of business resilience, ....


5 Resilience Misperceptions that the Pandemic Dispelled

by Eric Krell | June 28, 2021 | Business Continuity, Business Resiliency

When discerning what the pandemic taught us about business resilience, the lessons contain good news and bad news. On a positive note, we learned that effective business resilience, much like psychological resilience, is the result of “ordinary magic.” Organizations that demonstrated the grea ....

« Previous PageNext Page »